[RUBY] [Rails] Session timeout setting in devise

Session timeout setting in devise

table of contents

  1. Benefits of setting a session timeout
  2. Disadvantages of setting session timeout
  3. Session timeout setting in devise

1. Benefits of setting a session timeout

  1. It is a countermeasure against fraudulent activities such as session theft, and the application can be operated safely.
  2. By judging the status of the user, the burden on the server side can be reduced.

2. Disadvantages of setting session timeout

  1. In the input form, etc., it is not possible to interrupt once and then input after resuming.
  2. If the login status expires many times, the user will have to log in again, and it will be judged that the application is not easy to use.

3. Session timeout setting in devise

3-1. Set Devise session timeout

Enter the following description. (Since it is commented out, it is OK if you uncomment it)

config/initializers/devise.rb


config.timeout_in = 30.minutes

3-2. Set "timeoutable" in User model

Enter the following description.

app/models/user.rb


class User < ApplicationRecord
  devise :database_authenticatable, :registerable,...abridgement...:timeoutable
end

This is the session timeout setting for devise.

Recommended Posts

[Rails] Session timeout setting in devise
[rails] Login screen implementation in devise
[Devise] rails memo basic setting initial setting
[Rails] Unexpected validation error in devise
[Rails] devise
[Rails] Function restrictions in devise (login / logout)
Change session timeout time in Spring Boot
[Rails] Introducing devise
Group_by in Rails
rails + devise + devise_token_auth
Create authentication function in Rails application using devise
I tried to organize the session in Rails
[Rails] Added in devise: username not added to database
Model association in Rails
[Rails] devise helper method
Adding columns in Rails
[Rails] Customize devise validation
Introduce devise in Rails to implement user management functionality
Disable turbolinks in Rails
CSRF measures in Rails
Handle devise with Rails
Regarding overcapacity when setting Rails tutorial environment in Cloud 9
^, $ in Rails regular expression
Use images in Rails
[Rails] devise introduction method
Understand migration in rails
[Rails] Initial setting of user-created login with devise, devise_token_auth
[rails] About devise defaults
Split routes.rb in Rails6
[Beginner] About Rails Session
Implement markdown in Rails
I was addicted to setting default_url_options with Rails devise introduction
[Rails] Solving the problem that session timeout does not work
Super easy in 2 steps! How to install devise! !! (rails 5 version)
[rails] Problems that cannot be registered / logged in with devise
Implement user registration function and corporate registration function separately in Rails devise
Get UserAgent in [Rails] controller
Implement application function in Rails
[Rails] Introduction of devise Basics
Spring RedisTemplate Config Timeout setting
Declarative transaction in Rails #ginzarb
What is Rails gem devise?
Implement follow function in Rails
[Rails] gem devise installation flow
Spring RestTemplate Config Timeout setting
Enable strong parameters in devise
[Rails] How to install devise
ActiveRecord :: NotNullViolation in Devise error
Japaneseize using i18n with Rails
Implement LTI authentication in Rails
Helper methods available in devise
Error in rails db: migrate
(For beginners) [Rails] Install Devise
Gem often used in Rails
Display Flash messages in Rails
[Rails] Add column to devise
View monthly calendar in Rails
Implement import process in Rails
Use multiple checkboxes in Rails6!
Rewrite Routes in Rails Engine
[rails] error during devise installation